Actions
Bug #2395
closed
Digest<Hash>::operator== is vulnerable to timing attack
Start date:
01/18/2015
Due date:
% Done:
100%
Estimated time:
Description
Digest<Hash>::operator== uses Block::operator== which uses std::equals which is not a constant-time algorithm.
Digest is often used in security related context, but a non-constant-time Digest<Hash>::operator== is vulnerable to timing attack.
Possible solutions:
- either implement
Digest<Hash>::operator==using a constant-time algorithm, see http://codahale.com/a-lesson-in-timing-attacks/ - or add
\warning This method cannot be used in security related context because it is vulnerable to timing attackto Doxygen block
Updated by Alex Afanasyev almost 10 years ago
For me, warning is more than enough. I think this class is not intended to be used in security context, at least the current usages are not security-related.
Updated by Junxiao Shi almost 10 years ago
- Status changed from New to In Progress
- Assignee set to Junxiao Shi
- Target version set to v0.3
Updated by Junxiao Shi almost 10 years ago
- Status changed from In Progress to Code review
- % Done changed from 0 to 100
Updated by Alex Afanasyev almost 10 years ago
- Status changed from Code review to Closed
Actions